Open in app

Sign in

Write

Sign in

Mastodon

Microsoft Azure Structure Explained

Nadeem Khan(NK)
LearnWithNK
Published in
4 min readNov 2, 2019

In my previous blog we discussed about Cloud Computing, and its type. From this blog, we will start diving deep in Microsoft Azure. We will go resource by resource and will try to understand all nitty-gritty . But before start learning about any resources, we will understand about, how Microsoft Azure is structured.

As we know that Azure is the Cloud computing Platform offered by Microsoft. We will not cover how to get started with Azure, maybe I can cover that in some other blog. So I assume, we already have account on Azure. We are going to cover public Azure Cloud in this blog.

On a higher level Azure has 4 logic component, these component are just to create a logical and regional boundaries, around resources offered by Azure.

We signup on Azure, then we get a default directory, and one free subscription.

Components of Azure

  • Directory or Tenant
  • Subscription
  • Resource Group
  • Resources
Azure Hierarchy

Directory

This is a top-level component. This is also known as Azure Tenant or Azure Active Directory. There can be more than one tenant associated with an account. This is the placeholder for all other component of Azure. This is just a logical boundary.

It is very similar to allowing multiple tenant to live in a flat.

Every tenant has one id associated with it, and at least one domain.

This is where we can manage all the users, groups who wants to access the tenant. At this level, highest possible role is GLOBAL ADMINISTRATOR (Whoever has this role, can access every piece in tenant).

If we provide any role at this level, then it is reflected at all levels below, and in all other levels we can’t restrict user role( i.e we can’t provide roles with less capabilities at lower level)

Default Azure Directory

Subscription

This comes under a tenant. Every tenant has at least one subscription associated with it. We can have more than one subscription. This is where all resource groups( we will discuss this in the next section ) are managed. This is also just a logical boundary around resource groups.

Every subscription has one Id associated with it. User inherits their role from tenant, and if we want to modify the capabilities of user at this level, then we can only increase it, but not decrease it.

Access to subscription for users is managed using Access Control (IAM or Identity access management). This is where role is inherited from tenant, and then we can upgrade it.

At this level, highest possible role is OWNER

Free azure subscription

Resource Group

This comes under subscriptions. Every subscription can have more than one resource group. This is just a logical and regional boundaries around all resource which Azure offers.

Users inherits their role from top level. And same inheritance rule is applied here as well, that we have discussed above. Even here as well, the highest possible role in OWNER.

Resource Group

Resources

Until this level, everything was logical, this is where we deploy something physically on Azure. Resources are grouped together under the resource group.

Even here as well same inheritance rule of role is applied, as discussed above.

Azure offers wide variety of resources, which are making life easier for companies, in my future blogs we will be covering many resources, which I have encountered so far.

Cloud resource offered by Azure

Any Questions and Comments are most welcomed.

Stay tuned for more azure related blogs. In my next, we will be learning about strategies to choose azure subscription.

Thanks for reading.

Cloud Computing
Microsoft
Azure
Azure Structure

--

--

Nadeem Khan(NK)
LearnWithNK

Written by Nadeem Khan(NK)

202 Followers
Editor for

Love to share knowledge | wear different hats in the IT industry (Backend, Frontend, DevOps, Cloud) | https://www.linkedin.com/in/nadeem-khan-nk-75135210a/

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams